Hub
 

Hub as SAML Identity Provider for Google Apps for Work

Last modified: 09 October 2024

When you configure a Hub server as the Identity Provider for your Google Apps instance, end-users can log into Google Apps with their credentials in Hub or any other authentication module enabled in Hub.

This configuration also enables single sign-on. When a user logs into one of the services that is connected to Hub, they are logged into all connected services.

Before you start, verify the following prerequisites:

  • You must have administrative privileges in both Google Apps for Work and Hub.

  • To log into Google Apps with Hub, a user must have a registered account in Google Apps. In Google Apps, it is not allowed to create new users automatically via SAML.

  • You must have the SSL certificate file that you use for SAML2.0 in Hub. You will need to upload this file to Google Apps during the configuration.

Due to the Google Apps requirements, only end-users can log into Google Apps using a third-party SAML IdP (in this case, Hub). Google Apps administrators can only log in directly on the Google Admin console login page. For details, refer to this Google documentation page.

Keeping this in mind, use a non-administrative account to test the SAML configuration.